<?php
class user {
	protected $engine = null;
	protected $sql = null;
	
	public $id = null;
	public $role = ROLE_GUEST;
	
	protected $properties = array();
	
	public function __construct($engine) {
		session_start();
		$this->engine = $engine;
		$this->sql = $this->engine->sql;
		$this->authorization();
	}
	
	public function getPreferredTheme() {
		if ($this->id == null) return DEFAULT_THEME;

		$t = $this->getProperty("preferred_theme");
		if ($t == "") {
			$this->setProperty("preferred_theme", DEFAULT_THEME);
			return DEFAULT_THEME;
		} else {
			return $t;
		}
	}
	
	public function getPreferredLanguage() {
		if ($this->id == null) return DEFAULT_LANGUAGE;

		$l = $this->getProperty("preferred_language");
		if ($l == "") {
			$this->setProperty("preferred_language", DEFAULT_LANGUAGE);
			return DEFAULT_LANGUAGE;
		} else {
			return $l;
		}
	}
	
	public function authorization($login=null, $password=null) {
		if ($login !== null and $password !== null) {
			session_unset();
			$this->properties = array();
			$this->id = null;
			$this->role = ROLE_GUEST;
			if ($user = $this->sql->getRowFromDB("SELECT id, role FROM users WHERE login='%s' AND is_active='1' AND password=MD5('%s') LIMIT 1", $login, $password)) {
				$this->id = $user['id'];
				$this->role = $user['role'];
				$this->getProperty(array("id","role","login","last_activity"));
//				if ((date('U') - strtotime($this->properties['last_activity'])) < 2) throw new Exception(_("Too fast!"));	// protecting from too frequent access
				$this->setProperty('last_activity', new sqlFunction("NOW()"));
				$_SESSION['UP']['authorized'] = true;
				return true;
			}
		}
		if (isset($_SESSION['UP']['authorized']) and $_SESSION['UP']['authorized'] == true) {
			$this->id = $_SESSION['UP']['id'];
			$this->role = $_SESSION['UP']['role'];
			foreach ($_SESSION['UP'] as $k => $v) {
				$this->properties[$k] = $v;
			}
			$this->setProperty('last_activity', new sqlFunction("NOW()"));
			return true;
		}
		return false;
	}
	
	public function registration($login, $password) {
		$this->sql->insertIntoTable("users", array(
			'login' => $login,
			'password' => new sqlFunction("MD5('%s')", $password)
		));
		$this->sql->insertIntoTable("user_properties", array(
			'user_id' => $this->sql->lastInsertId
		));
		$this->authorization($login, $password);
	}
	
	public function getProperty($propertyName) {
		if (is_array($propertyName)) {
			$return = array();
			foreach ($propertyName as $v) {
				$return[$v] = $this->getProperty($v);	// TODO: here too many SQL-queries, recast needed
			}
			return $return;
		} else {
			if (isset($this->properties[$propertyName])) {
				return $this->properties[$propertyName];
			}
			
			if (isset($GLOBALS['userPrimaryProperties'][$propertyName])) {
				$this->properties[$propertyName] = $this->sql->getValueFromDB('SELECT `'.$propertyName.'` FROM users WHERE id="'.$this->id.'" LIMIT 1');
			} elseif (isset($GLOBALS['userSecondaryProperties'][$propertyName])) {
				$this->properties[$propertyName] = $this->sql->getValueFromDB('SELECT `'.$propertyName.'` FROM user_properties WHERE user_id="'.$this->id.'" LIMIT 1');
			} else {
				return null;
			}
			$_SESSION['UP'][$propertyName] = $this->properties[$propertyName];
			return $this->properties[$propertyName];
		}
	}

	public function setProperty($propertyName, $propertyValue=null) {
		if (is_array($propertyName) and $propertyValue==null) {
			foreach ($propertyName as $k => $v) {
				$this->setProperty($k, $v);	// TODO: here too many SQL-queries, recast needed
			}
			return true;
		} else {
			if (isset($GLOBALS['userPrimaryProperties'][$propertyName])) {
				$this->sql->updateTable('users', array($propertyName=>$propertyValue), 'id', $this->id);
			} elseif (isset($GLOBALS['userSecondaryProperties'][$propertyName])) {
				$this->sql->updateTable('user_properties', array($propertyName=>$propertyValue), 'user_id', $this->id);
			} else {
				return false;
			}
			$_SESSION['UP'][$propertyName] = $this->properties[$propertyName] = $propertyValue;
			return true;
		}
	}

	public function logout() {
		session_destroy();
		header("Location: /");
		exit();
	}
	
	public function authorizationRequired() {
		header("Location: ".AUTHORIZATION_URL."?goto=".urlencode($_SERVER['REQUEST_URI']));
		exit();
	}
	
	public function can($module, $method) {
		$classVars = get_class_vars($module);
		$permissions = $classVars['permissions'];
		if (isset($permissions['*'])) {
			if(in_array('*',$permissions['*']) or in_array($this->role,$permissions['*'])) {
				return true;
			}
			return false;
		} elseif (isset($permissions[$method])) {
			if(in_array('*',$permissions[$method]) or in_array($this->role,$permissions[$method])) {
				return true;
			}
			return false;
		} 
		return false;
	}
}
?>